The terms ‘cloud' and ‘security' have gone hand-in-hand since the concept of cloud was first initiated many years ago. The cautious nature of many IT departments meant that for all of the benefits that cloud computing could offer, there was trepidation about shifting the IT environment - even non-critical applications - to the cloud.
However, these fears have largely been eased because of the maturity of the technology available. But there remains a nervousness because cyber criminals have more sophisticated tools at their disposal and are constantly finding new vulnerabilities in existing products to break-in to an organisation's IT environment.
So there needs to be a new recipe that doesn't just secure cloud services for the present, but can continually be updated to fall in line with changes in the industry, technologies and regulation.
The first necessary ingredient is continuous monitoring; with the rise of DevOps teams in businesses, there is a need for speed which is why IT departments often select public cloud services that can scale quickly. However, this added speed comes with a security risk as threats may go unnoticed and cause havoc before the business realises. To ensure security isn't compromised, businesses should analyse and prioritise risks and policy violations, giving security and DevOps teams a clear view of the risks in their cloud environment on an ongoing basis, throughout the application lifecycle. To do this, businesses need to collect data about their cloud services and continuously check that they're falling in line with security best practices to identify if there are any potentially exploitable vulnerabilities.
Every successful IT recipe requires some form of compliance checking. This is why to fully secure the cloud, the second ingredient needs to be continuous compliance reporting. There seem to be new compliance requirements and updates coming along almost all the time, and so a tool which could enable security teams to get continuous, automated compliance audits would ease pressure off the need to manually provide this.
The final core ingredient necessary for cloud security is to consider storage security. Often, storage volumes within public cloud services are an overlooked source of security threats and attacks. So, enterprises need to be able to discover and classify data within containers and buckets. This can help them to evaluate their exposure based on policy, auto-remediate publicly exposed data and even quarantine malware.
With Palo Alto Networks Evident, all three of these ingredients are included as an integral part of comprehensive public cloud security. Evident provides continuous security of public cloud infrastructure services and one-button compliance reports, enabling businesses to deploy applications knowing the cloud is configured to meet its security requirements.